Commit Graph

10473 Commits

Author SHA1 Message Date
Hasan Ramezani 226ebb1729 Fixed #28622 -- Allowed specifying password reset link expiration in seconds and deprecated PASSWORD_RESET_TIMEOUT_DAYS. 2019-09-20 13:52:04 +02:00
James Timmins 0719edcd5f Fixed #30771 -- Fixed exact lookup against queries with selected columns.
Use pre-existing select fields (and thereby GROUP BY fields) from
subquery if they were specified, instead of always defaulting to pk.

Thanks Aur Saraf for the report and Simon Charette for guidance.
2019-09-20 10:42:14 +02:00
Carlton Gibson bed4a1527b Refs #27462 -- Added tests of pk_set in m2m_changed signal receivers for repeated add/remove calls. 2019-09-19 11:34:59 +02:00
Daniel Fairhead 5cb3ed187b Fixed #30772 -- Optimized make_template_fragment_key().
Removed usage of urllib.quote(), unnecessary since cbbe60c7fc.
Used hasher's .update() on key fragments.
2019-09-18 14:53:05 +02:00
Sam Reynolds 6c9778a58e Fixed #30776 -- Restored max length validation on AuthenticationForm.UsernameField.
Regression in 5ceaf14686.

Thanks gopackgo90 for the report and Mariusz Felisiak for tests.
2019-09-18 11:37:38 +02:00
Nasir Hussain faf4b988fe Fixed #30758 -- Made RangeFields use multiple hidden inputs for initial data. 2019-09-17 12:08:49 +02:00
Nasir Hussain 733dbb21c7 Refs #30758 -- Added more tests for postgres.forms.ranges. 2019-09-17 12:08:16 +02:00
Hasan Ramezani b9db423d3c Fixed #29376 -- Allowed hiding "Save and Add Another" button in admin. 2019-09-16 11:37:09 +02:00
Simon Charette 6c3dfba892 Fixed #30769 -- Fixed a crash when filtering against a subquery JSON/HStoreField annotation.
This was a regression introduced by 7deeabc7c7
to address CVE-2019-14234.

Thanks Tim Kleinschmidt for the report and Mariusz for the tests.
2019-09-16 08:24:40 +02:00
Carlton Gibson b5db65c4fb Increased the default PBKDF2 iterations for Django 3.1. 2019-09-12 17:24:01 +02:00
Mariusz Felisiak c8250ef361
Refs #27338 -- Added tests for altering CharField with primary_key=True to AutoField on PostgreSQL.
Fixed in 91b2bc3e70.
2019-09-11 13:40:49 +02:00
Mariusz Felisiak 937ddaff55
Refs #30591 -- Fixed too long identifier crash in migrations.test_operations on MySQL 8.0.16+. 2019-09-11 12:20:16 +02:00
Adnan Umer 241deed259 Fixed #30591 -- Fixed recreation of foreign key constraints on MySQL when altering type of referenced unique field.
Thanks Mariusz Felisiak for tests and Matthijs Kooijman for
investigation and initial patch.
2019-09-11 11:21:08 +02:00
Mariusz Felisiak 9a2a12d415 Advanced deprecation warnings for Django 3.1. 2019-09-10 12:01:00 +02:00
Mariusz Felisiak 0ddb4ebf7b Refs #14357 -- Made Meta.ordering not affect GROUP BY queries.
Per deprecation timeline.
2019-09-10 12:01:00 +02:00
Mariusz Felisiak d17be88afd Refs #30037 -- Required the RemoteUserBackend.configure_user() to have request as the first positional argument.
Per deprecation timeline.
2019-09-10 12:01:00 +02:00
Mariusz Felisiak b61ea56789 Refs #28478 -- Removed support for TestCase's allow_database_queries and multi_db per deprecation timeline. 2019-09-10 12:01:00 +02:00
Mariusz Felisiak f1894bae30 Refs #28606 -- Removed CachedStaticFilesStorage per deprecation timeline. 2019-09-10 12:01:00 +02:00
Mariusz Felisiak 81993b47ea Refs #29703 -- Removed QuerySetPaginator alias per deprecation timeline. 2019-09-10 12:01:00 +02:00
Mariusz Felisiak cb2be9d5d5 Refs #29546 -- Removed django.utils.timezone.FixedOffset per deprecation timeline. 2019-09-10 12:01:00 +02:00
Mariusz Felisiak 3d716467a9 Refs #29817 -- Removed settings.FILE_CHARSET per deprecation timeline. 2019-09-10 12:01:00 +02:00
Mariusz Felisiak b47bb4c4a7 Refs #29598 -- Removed FloatRangeField per deprecation timeline. 2019-09-10 12:01:00 +02:00
Simon Charette 34decdebf1 Fixed #30754 -- Prevented inclusion of aliases in partial index conditions.
SQLite doesn't repoint table aliases in partial index conditions on table
rename which breaks the documented table alteration procedure.

Thanks Pēteris Caune for the report.
2019-09-10 10:03:16 +02:00
Vojtech Bocek b1d37fea8f Fixed #28107 -- Added DatabaseFeatures.allows_group_by_selected_pks_on_model() to allow enabling optimization for unmanaged models. 2019-09-09 14:04:46 +02:00
Nick Pope 406dba04e1 Fixed #29406 -- Added support for Referrer-Policy header.
Thanks to James Bennett for the initial implementation.
2019-09-09 13:35:41 +02:00
Johannes Hoppe 7254f1138d Refs #29444 -- Allowed returning multiple fields from INSERT statements on PostgreSQL.
Thanks Florian Apolloner, Tim Graham, Simon Charette, Nick Pope, and
Mariusz Felisiak for reviews.
2019-09-09 10:51:14 +02:00
Nick Pope b6251956b6 Fixed #30757 -- Added a system check to ensure max_length fits the longest choice. 2019-09-09 10:28:18 +02:00
Claude Paroz 05d0eca635 Fixed #30426 -- Changed X_FRAME_OPTIONS setting default to DENY. 2019-09-09 08:15:26 +02:00
Hasan Ramezani 6c379f1a18 Fixed #30763 -- Fixed management commands when using required mutually exclusive groups. 2019-09-06 10:55:24 +02:00
Hasan Ramezani b93d786251 Made SchemaTests.test_alter_db_table_case run only on backends where table names are case-insensitive. 2019-09-05 08:59:48 +02:00
Shai Berger 72ebe85a26 Fixed #27910 -- Added enumeration helpers for use in Field.choices.
These classes can serve as a base class for user enums, supporting
translatable human-readable names, or names automatically inferred
from the enum member name.

Additional properties make it easy to access the list of names, values
and display labels.

Thanks to the following for ideas and reviews:

Carlton Gibson, Fran Hrženjak, Ian Foote, Mariusz Felisiak, Shai Berger.

Co-authored-by: Shai Berger <shai@platonix.com>
Co-authored-by: Nick Pope <nick.pope@flightdataservices.com>
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2019-09-04 14:42:49 +02:00
Nasir Hussain 25706d7285 Fixed #29714 -- Allowed using ExceptionReporter subclass with AdminEmailHandler. 2019-09-04 08:40:46 +02:00
Viktor Lomakin 5931d2e96a Fixed #30691 -- Made migrations autodetector find dependencies for foreign keys altering. 2019-09-03 14:45:49 +02:00
Carlton Gibson 4f61810751 Fixed #30747 -- Renamed is_safe_url() to url_has_allowed_host_and_scheme(). 2019-09-02 15:32:23 +02:00
Simon Charette 13a8884a08 Fixed #30739 -- Fixed exclusion of multi-valued lookup against outer rhs.
OuterRef right hand sides have to be nested, just like F rhs have to,
during the subquery pushdown split_exclude performs to ensure they are
resolved against the outer query aliases.
2019-09-02 10:52:36 +02:00
Alan Crosswell 03fa846c6a Fixed #30731 -- Fixed handling trailing groups in simplify_regex().
Previously simplify_regex() didn't handle trailing groups for regexp
without the end of string character ("$").
2019-08-30 12:43:39 +02:00
Berker Peksag 400ec5125e Fixed #18763 -- Added ModelBackend/UserManager.with_perm() methods.
Co-authored-by: Nick Pope <nick.pope@flightdataservices.com>
2019-08-29 19:32:12 +02:00
daniel a rios b5a5c92c72 Fixed #30066 -- Enabled super user creation without email and password 2019-08-29 12:49:16 +02:00
Carlton Gibson 57b9604451 Converted auth test to use subTest(). 2019-08-29 12:49:16 +02:00
Matthew Schinckel 4137fc2efc Fixed #25367 -- Allowed boolean expressions in QuerySet.filter() and exclude().
This allows using expressions that have an output_field that is a
BooleanField to be used directly in a queryset filters, or in the
When() clauses of a Case() expression.

Thanks Josh Smeaton, Tim Graham, Simon Charette, Mariusz Felisiak, and
Adam Johnson for reviews.

Co-Authored-By: NyanKiyoshi <hello@vanille.bid>
2019-08-29 09:45:29 +02:00
Mariusz Felisiak 069bee7c12
Used skipUnlessDBFeature instead of checking vendor in test_filtering_on_annotate_that_uses_q. 2019-08-29 09:40:34 +02:00
Mariusz Felisiak c7f656435c
Added tests for raising an error when passing non-boolean expression to When(). 2019-08-29 09:29:46 +02:00
Federico Jaramillo Martínez 8f6860863e Fixed #30722 -- Added default rate-limiting requests to admin's Select2 widget. 2019-08-27 13:47:36 +02:00
Andrew Brown 691def10a0 Fixed #30727 -- Made Subquery pickle without evaluating their QuerySet.
Subquery expression objects, when pickled, were evaluating the QuerySet
objects saved in its _constructor_args attribute.
2019-08-27 13:05:20 +02:00
Hasan Ramezani 03dbdfd9bb Fixed #29019 -- Added ManyToManyField support to REQUIRED_FIELDS. 2019-08-26 14:48:40 +02:00
Jon Dufresne 5dac63bb84 Refs #27804 -- Used subTest() in utils_tests/test_encoding.py. 2019-08-26 11:58:06 +02:00
Mariusz Felisiak 579909a13f
Refs #30591 -- Fixed introspection of check and unique column constraints on MariaDB.
Unnamed unique and check columns constraints have the same name as
a column. Ensure uniqueness by using custom names.

Thanks Adnan Umer for the report.
2019-08-26 09:15:37 +02:00
Tim Gates 6b402b28b3 Fixed typo in tests/prefetch_related/tests.py comment. 2019-08-26 08:14:29 +02:00
Simon Charette bb9e82f274 Fixed #29955 -- Added support for distance expression to the dwithin lookup.
This was missed when adding support to other distance lookups in
refs #25499.

Thanks Peter Bex for the report and Mariusz for testcases.
2019-08-23 21:28:28 +02:00
Mariusz Felisiak 92c72b68b7
Fixed broken OracleDbshellTests tests after 9386586f31. 2019-08-23 21:25:21 +02:00
Claude Paroz 9386586f31 Replaced subprocess commands by run() wherever possible. 2019-08-23 10:53:36 +02:00
Min ho Kim 7bd9633320 Fixed typos in test names and a comment. 2019-08-23 10:46:43 +02:00
Mariusz Felisiak 521308e575 Fixed #30715 -- Fixed crash of ArrayField lookups on ArrayAgg annotations over AutoField. 2019-08-23 10:43:08 +02:00
Carlton Gibson 5b4c6b58a0
Fixed #30064 -- Added form to validate admin search fields query input. 2019-08-22 14:09:49 +02:00
Mads Jensen 85ac838d9e Fixed #21039 -- Added AddIndexConcurrently/RemoveIndexConcurrently operations for PostgreSQL.
Thanks to Simon Charettes for review.

Co-Authored-By: Daniel Tao <daniel.tao@gmail.com>
2019-08-21 13:10:06 +02:00
Hasan Ramezani 22394bd3a1 Fixed #29667 -- Prohibited whitespaces in path() URLs. 2019-08-20 11:53:10 +02:00
Nick Pope 21e559495b Fixed #29979, Refs #17337 -- Extracted AutoField field logic into a mixin and refactored AutoFields.
This reduces duplication by allowing AutoField, BigAutoField and
SmallAutoField to inherit from IntegerField, BigIntegerField and
SmallIntegerField respectively. Doing so also allows for enabling the
max_length warning check and minimum/maximum value validation for auto
fields, as well as providing a mixin that can be used for other possible
future auto field types such as a theoretical UUIDAutoField.
2019-08-20 09:22:25 +02:00
Mads Jensen b10d322c41 Moved migrations.test_operations.OperationTestBase to migrations.test_base.
Co-Authored-By: Daniel Tao <daniel.tao@gmail.com>
2019-08-19 16:06:14 +02:00
Hasan Ramezani 85458e94e3 Fixed #29260 -- Skipped an UPDATE when adding a model instance with primary key that has a default. 2019-08-19 13:28:35 +02:00
Claude Paroz d1c2e6dd04 Refs #28428 -- Made FileField.upload_to support pathlib.Path. 2019-08-18 20:34:58 +02:00
Claude Paroz af69842dbd Refs #28428 -- Added test for a callable FileField.upload_to that returns pathlib.Path. 2019-08-18 20:34:54 +02:00
Claude Paroz 0468159763 Refs #30426 -- Changed default SECURE_CONTENT_TYPE_NOSNIFF to True. 2019-08-18 13:17:49 +02:00
Simon Charette 8b4a43dda7 Fixed #29545 -- Fixed using filter lookups againts nested subquery expressions.
Made sql.Where resolve lhs of its child nodes. This is necessary to
allow filter lookups against nested subquery expressions to properly
resolve their OuterRefs to Cols.

Thanks Oskar Persson for the simplified test case.
2019-08-17 11:24:35 +02:00
Adnan Umer 6805c0f99f Fixed #30701 -- Updated patch_vary_headers() to handle an asterisk according to RFC 7231. 2019-08-16 15:25:42 +02:00
Andrew Brown 8a281aa7fe Fixed #30687 -- Fixed using of OuterRef() expressions in distance lookups. 2019-08-16 06:50:33 +02:00
zeyneloz 8289fc55ff Refs #30449 -- Made RelatedOnlyFieldListFilter respect ModelAdmin.ordering. 2019-08-15 10:29:10 +02:00
zeyneloz 00035672a4 Fixed #30449 -- Fixed RelatedFieldListFilter/RelatedOnlyFieldListFilter to respect model's Meta.ordering.
Regression in 6d4e5feb79.

Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2019-08-15 10:29:05 +02:00
Mariusz Felisiak 1f8382d34d
Fixed #30672 -- Fixed crash of JSONField/HStoreField key transforms on expressions with params.
Regression in 4f5b58f5cd.

Thanks Florian Apolloner for the report and helping with tests.
2019-08-14 15:25:35 +02:00
Claude Paroz eed2e740f7 Fixed #30461 -- Made GeoIP2 and GEOIP_PATH setting accept pathlib.Path as library path.
Thanks Nikita Krokosh for the initial patch.
2019-08-13 19:44:10 +02:00
Claude Paroz 88c0b907e7 Refs #30461 -- Added django.utils._os.to_path(). 2019-08-13 17:17:39 +02:00
Mariusz Felisiak c19ad2da4b
Fixed #30704 -- Fixed crash of JSONField nested key and index transforms on expressions with params.
Thanks Florian Apolloner for the report and helping with tests.
2019-08-13 08:42:17 +02:00
Min ho Kim 4f7328ce8a Corrected multiple typos. 2019-08-12 12:53:36 +02:00
Min ho Kim d7673d9eda Switched to use `HTTP_X_FORWARDED_PROTO` custom header in tests.
This is the conventional name: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-Proto
2019-08-12 12:51:26 +02:00
Simon Charette f7e9db14bb Refs #25367 -- Added test for Exists() lookup rhs. 2019-08-12 09:39:26 +02:00
Simon Charette 8b3e1b6e9e Refs #11964 -- Made constraint support check respect required_db_features.
This will notably silence the warnings issued when running the test
suite on MySQL.
2019-08-12 06:44:37 +02:00
swatantra 73ac9e3f04 Fixed #30677 -- Improved error message for urlencode() and Client when None is passed as data. 2019-08-11 20:15:23 +02:00
Ngalim Siregar 503f60ff57 Fixed #29008 -- Fixed crash of 404 debug page when URL path converter raises Http404. 2019-08-09 22:48:08 +02:00
Adnan Umer 8d3519071e Fixed #30673 -- Relaxed system check for db_table collision when database routers are installed by turning the error into a warning. 2019-08-08 21:14:06 +02:00
Min ho Kim 65e86948b8 Corrected several typos in string literals and test names. 2019-08-07 11:23:14 +02:00
Andrew Godwin 052388aba4 Fixed #30676 -- Added --pdb option to test runner. 2019-08-07 08:16:31 +02:00
Adnan Umer c5075360c5 Fixed #30680 -- Removed obsolete system check for SECURE_BROWSER_XSS_FILTER setting. 2019-08-05 18:44:08 +02:00
Mariusz Felisiak 0e02e496cd Added tests for using ArrayField's IndexTransform/SliceTransform on expressions with params. 2019-08-05 14:16:25 +02:00
Diederik van der Boor 25f21bd237 Fixed #28393 -- Added helpful error messages for invalid AutoField/FloatField/IntegerField values.
Co-authored-by: Diederik van der Boor <vdboor@edoburu.nl>
Co-authored-by: Nick Pope <nick.pope@flightdataservices.com>
2019-08-05 08:41:29 +02:00
aaktsipetrov 4edad1ddf6 Fixed #30668 -- Made QuerySet.filter() raise NotSupportedError if any of source expressions is not filterable. 2019-08-02 15:06:00 +02:00
Nick Pope 194d1dfc18 Fixed #30661 -- Added models.SmallAutoField. 2019-08-02 11:39:01 +02:00
zeyneloz 955b382600 Fixed #30599 -- Prevented ManifestFilesMixin.read_manifest() from silencing errors other than FileNotFoundError. 2019-08-02 08:35:28 +02:00
zeyneloz 246689452d Added test for handling of non-existent manifest in ManifestFilesMixin.read_manifest(). 2019-08-02 08:35:25 +02:00
Mariusz Felisiak ff111ea5e3 Refs #30664 -- Fixed migrations crash when altering AutoField/BigAutoField with quoted db_column on PostgreSQL. 2019-08-01 12:06:32 +02:00
Ngalim Siregar e4684220af Fixed #30664 -- Fixed migrations crash when altering table on SQLite or altering AutoField/BigAutoField on PostgreSQL for models with quoted db_table. 2019-08-01 12:06:32 +02:00
Florian Apolloner 76ed1c49f8 Fixed CVE-2019-14235 -- Fixed potential memory exhaustion in django.utils.encoding.uri_to_iri().
Thanks to Guido Vranken for initial report.
2019-08-01 09:24:54 +02:00
Mariusz Felisiak 7deeabc7c7 Fixed CVE-2019-14234 -- Protected JSONField/HStoreField key and index lookups against SQL injection.
Thanks to Sage M. Abdullah for the report and initial patch.
Thanks Florian Apolloner for reviews.
2019-08-01 09:24:54 +02:00
Florian Apolloner 4b78420d25 Fixed CVE-2019-14233 -- Prevented excessive HTMLParser recursion in strip_tags() when handling incomplete HTML entities.
Thanks to Guido Vranken for initial report.
2019-08-01 09:24:54 +02:00
Florian Apolloner 7f65974f82 Fixed CVE-2019-14232 -- Adjusted regex to avoid backtracking issues when truncating HTML.
Thanks to Guido Vranken for initial report.
2019-08-01 09:24:54 +02:00
Étienne Beaulé 5f24e7158e Fixed #30665 -- Added support for distinct argument to Avg() and Sum(). 2019-07-31 11:22:50 +02:00
Étienne Beaulé cb3c2da128 Moved test for distinct Count() to a separate test case. 2019-07-31 10:41:17 +02:00
Nick Pope f618e033ac Fixed #30160 -- Added support for LZMA and XZ templates to startapp/startproject management commands. 2019-07-31 10:02:13 +02:00
Nick Pope c95d063e77 Refs #30160 -- Simplified and improved tests for django.utils.archive.
The file executable should have 0o775 permission not only u=x.
The file no_permissions should have 0o644 u=r.
2019-07-31 09:46:24 +02:00
Hasan Ramezani e3fc9af4ab Refs #30593 -- Fixed introspection of check constraints columns on MariaDB. 2019-07-30 16:32:13 +02:00
Hasan Ramezani b2aad9ad4d Refs #30593 -- Added _parse_constraint_columns() hook to introspection on MariaDB. 2019-07-30 16:32:13 +02:00
Nick Pope 421c4cd2ee Removed redundant ArchiveTest.test_extract_method() test.
The extract() function has the same code as used in the test method
for Archive.extract().
2019-07-30 11:33:53 +02:00